Privacy under pressure

The round white tower in Capenhurst, Cheshire, looked mysterious.

Few in the area ever knew what it was for, except that it appeared almost overnight on land owned by British Nuclear Fuels Ltd.

It took a decade to emerge that it was built by British intelligence – GCHQ – and carefully situated between two BT microwave radio towers carrying telephone and data traffic.

It was the ideal location to intercept international telephone calls, emails or other electronic data from Ireland to the UK.

In 2008, the European Court of Human Rights ruled the British system of mass surveillance was in breach of the European Convention on Human Rights.

"The Irish government never formally objected to that surveillance," says TJ McIntyre, UCD law lecturer and chair of Digital Rights Ireland. "There is, I think, an unwillingness to rock the boat."

This summer, there was a similar muted reaction to revelations regarding the US National Security Agency's (NSA) sprawling surveillance and hoarding of communications data. European leaders were quick to voice their concern. There was full-throated opposition in Germany, for example, where the surveillance of citizens carries sinister echoes of the Stasi era.

State snooping
Yet, in Ireland, the issue of mass-surveillance of citizens has barely registered as a political issue. Authorities here are reluctant to reveal information on the extent to which the State is snooping on its citizens or sharing information with other jurisdictions.

However, some figures provide an insight into the scale of surveillance or intelligence-gathering here.

One of the main pieces of legislation which provides access to private data is the Communications (Data Retention) Act 2011. This obliges all service providers to store logs of customers’ phone or internet records for two years.

Irish authorities – the Garda, Defence Forces or Revenue Commissioners – can access this information only for serious cases such as combating serious crime and terrorism.

Latest detailed figures show they have been doing it on a regular basis – 35 times a day, or 12,700 times during 2011.

This is about 30 times the number of requests by law enforcement agencies for these kinds of records in countries of a similar size, such as Austria.

Digital Rights Ireland argues that the law is in breach of human rights and disproportionate in its implementation in Ireland.

The Department of Justice, however, argues our data-retention laws are proportionate and strike the right balance between security needs and human rights. It has refused to disclose details about the extent to which it is sharing this data with outside jurisdictions.

"There is, of course, ongoing contact between law enforcement agencies internationally where crimes are being investigated which have a cross-jurisdictional dimension," says a spokeswoman for Minister for Justice Alan Shatter.

“There are procedures in place under mutual assistance legislation to deal with requests from other jurisdictions for evidence in relation to specific cases, including retained data.”

It also says there are safeguards to protect any abuse. The operation of the Act is overseen by a High Court judge – Iarlaith O'Neill – who provides a report to the Oireachtas. His latest shows this oversight amounted to a visit to the Garda and other authorities on a single day in November last year.

In a two-page report, the judge concluded he was “satisfied that the relevant State authorities are in compliance” with the Act.

Other legislation provides for the actual interception of the content of private communication, rather than just “metadata” or logs of data.

We know even less about the scale of this activity. There is legislation to provide for the interception of phone calls – but not for internet activity. However, gardaí can access this kind of information through search warrants or other legal means.

Microsoft’s transparency report, published earlier this year, revealed gardaí made 72 requests last year seeking access to 222 accounts in 2012.

However, jurisdictions such as the US may not need the assistance of Irish authorities to access data of Irish citizen, according to digital rights campaigners .

The Prism programme – revealed by whistleblower Edward Snowden – allows the NSA easy access to the personal information of non-US persons from the databases of some of the world's biggest tech companies such as Apple, Google, Microsoft and Yahoo.

Other data is collected from extensive cable-tapping operations, which allow the agency to vacuum up the content of communications travelling through the fibre-optic cables that is the backbone of the internet.

Given that most Irish internet traffic ends up being routed through US cables – even an email being sent within the State – US authorities have access to this kind of information already.

A standard defence offered by governments to such surveillance is that law-abiding members of the public have nothing to fear.

Digital Rights Ireland is mounting a legal challenge to data retention provided for under law on the basis it is a breach of privacy and amounts to pre-emptive surveillance of the entire population .

“It treats everyone as potentially guilty and reverses the presumption of innocence,” McIntyre says.

Little concern
But anger and indignation over the extent to which the State, or outside jurisdictions, are snooping on citizens has gained little traction in Ireland.

Opposition has been confined to fringe campaign groups, while even left-wing parties have taken little interest. There are various theories as to why this may be the case.

Ireland, for example, doesn’t have the same weight of history on its shoulders as countries such as Germany. Neither does it have – as far as we know – a well-resourced intelligence service. Others suggest the State doesn’t want to do anything to threaten its relationship with either the US or multinational firms which may invest here.

Either way, the muted reaction to revelations a decade ago the UK was eavesdropping on Irish phone calls is instructive.

The white tower on the hill was demolished in 2004, after new technology rendered it redundant. New legislation has since reportedly given the British government access to monitor phone calls and emails in the UK without a warrant. This legislation is also likely to give it power to monitor the internet usage of the Irish.